Understand Permissions LESSON 2.2 98-367 Security Fundamentals.

Slides:

Advertisements

Similar presentations

Microsoft ® Office 2007 Training Security II: Turn off the Message Bar and run code safely P J Human Resources Pte Ltd presents:

Advertisements

1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.

1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.

Lesson 4: Configuring File and Share Access

By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.

Microsoft ® Official Course Module 7 Configuring File Access and Printers on Windows ® 8 Clients.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

Installing and Troubleshooting Hardware Device and Drivers Chapter 6 powered by dj.

11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW Create and manage file system shares and work with.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

Working with Workgroups and Domains

NTFS. Authentication Is the person who she says she is? If so, access is allowed In Windows, authentication is handled by a password-protected user account.

Cyber Patriot Training

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory Chapter 9: Active Directory Authentication and Security.

Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.

CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+

Week 9 Objectives Securing Files and Folders Protecting Shared Files and Folders by Using Shadow Copies Configuring Network Printing.

Implementing File and Print Services

Managing Windows Server 2008 R2 Lesson 2. Objectives.

With Windows XP, you can share files and documents with other users on your computer and with other users on a network. There is a new user interface.

Operation system(windows) User Accounts. What is a user account?  A collection of information that tells Windows which files and folders you can access,

CIM6400 CTNW (04/05) 1 CIM6400 CTNW Lesson 6 – More on Windows 2000.

C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING. INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in.

COMPREHENSIVE Windows Tutorial 5 Protecting Your Computer.

®® Microsoft Windows 7 Windows Tutorial 5 Protecting Your Computer.

IOS110 Introduction to Operating Systems using Windows Session 8 1.

FTP Server and FTP Commands By Nanda Ganesan, Ph.D. © Nanda Ganesan, All Rights Reserved.

Module 4 Managing Access to Resources in Active Directory ® Domain Services.

DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.

Module 3 Configuring File Access and Printers on Windows ® 7 Clients.

Module 3 Configuring File Access and Printers on Windows 7 Clients.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources.

1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.

Module 5: Managing Access to Objects in Organizational Units.

MA194Using WindowsNT1 Topics for the day… WindowsNT Security WindowsNT File System (NTFS) Viewing/Setting Document and Folder Permissions Access Control.

Lecture 6 File, Folder and Share Security. Objectives Managing file and folder security.

NetTech Solutions Security and Security Permissions Lesson Nine.

IT1001 – Personal Computer Hardware & system Operations Week7- Introduction to backup & restore tools Introduction to user account with access rights.

CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+

1 Introduction to NTFS Permissions Assign NTFS permissions to specify Which users and groups can gain access to folders and files What they can do with.

Chapter Six Working with NDS Security. Chapter Objectives Describe NDS security and list the object and property rights Identify the NDS security needs.

10.1 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam Microsoft® Windows® 2000 Directory Services Infrastructure.

Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.

11/06/ أساسيات الأتصال و الشبكات Communication & Networks Fundamentals lab 5.

6/19/2016 أساسيات الأتصال و الشبكات Communication & Networks Fundamentals lab 4.

11 SUPPORTING WINDOWS XP FILE AND FOLDER ACCESS Chapter 5.

Windows Vista Configuration MCTS : User Account Security.

For more information on Rouge, visit:

ITMT Windows 7 Configuration Chapter 6 – Sharing Resource ITMT 1371 – Windows 7 Configuration 1.

Windows Tutorial 5 Protecting Your Computer

Introducing, Installing, and Upgrading Windows 7

Introduction to NTFS Permissions

Module 7: Managing Access to Objects in Organizational Units

Lesson #8 MCTS Cert Guide Microsoft Windows 7, Configuring Chapter 8 Configuring Applications and Internet Explorer.

Introducing NTFS Reliability Security Long file names Efficiency

Network Locations in Windows 7

Presentation transcript:

Understand Permissions LESSON Security Fundamentals

LESSON 2.2 Lesson Overview Managing Permissions In this lesson, you will learn about:  Access control information known as a security descriptor  Permissions defined within an object's security descriptor  Permissions associated with, or assigned to, specific users and groups

Security Fundamentals LESSON 2.2 Anticipatory Set List the common types of permissions associated with Windows ® XP or Windows 7 (local) users or groups.

Security Fundamentals LESSON 2.2 Permissions The permissions attached to an object depend on the type of object. o For example, the permissions that can be attached to a file are different from those that can be attached to a registry key. Some permissions, however, are common to most types of objects. When you set permissions, you specify the level of access for groups and users. o For example, you can let one user read the contents of a file, let another user make changes to the file, and prevent all other users from accessing the file. You can set similar permissions on printers so that certain users can configure the printer and other users can only print.

Security Fundamentals LESSON 2.2 Permissions (continued)  In a networked or multiuser computer environment, the ability of a particular user to access a particular resource by means of his or her user account.  Granted by the system administrator or other authorized person. Several levels of access can be given: read only, read and write (view and change), or read, write, and delete. o File o Share o Active Directory ®

Security Fundamentals LESSON 2.2 File Permissions  Permissions are granted by the system administrator or other authorized person. Several levels of access can be given: read only, read and write (view and change), or read, write, and delete.  Each type of object is controlled by an object manager. o There is a different object manager for each type of object. Access the object types, their object managers, and the tools you use to manage these objects as follows: To allow or deny a permission, in the Permissions for User or Group box, select the Allow or Deny check box. o To remove the group or user from the Group or user names box, click Remove.

Security Fundamentals LESSON 2.2 Share Permissions  In a networked or multiuser computer environment, the ability of a particular user to access a particular resource is controlled by means of his or her user account.  Permissions are granted by the system administrator or other authorized person. Several levels of access can be given: read only, read and write (view and change), or read, write, and delete.  For a user or group to be able to access shared files, they must have sufficient share and NTFS permissions.  If FAT(32) permissions are shared, the only way to limit access is using share permissions. In reality most organizations set the share permissions to full control or even better modify and use NTFS permissions for access control.

Security Fundamentals LESSON 2.2 Registry Permissions  Windows stores much of its state information in the Windows Registry. o Registry data stores are known as Hives, where data is stored in keys and subkeys, which are both viewed as containers (subkeys are not viewed as objects).  The situation to avoid is a user modifying trusted parameters (such as turning the antivirus or anti-malware service off) or tampering with a tool that users or administrators use. o In a networked or multiuser computer environment, the ability of a particular user to access a particular resource is controlled by means of his or her user account.

Security Fundamentals LESSON 2.2 Explicit Permissions and Inherited Permissions  Explicit permissions are those that are set by default on nonchild objects when the object is created, or by user action on nonchild, parent, or child objects.  Inherited permissions are those that are propagated to an object from a parent object. o Inherited permissions ease the task of managing permissions and ensure consistency of permissions among all objects within a given container.

Security Fundamentals LESSON 2.2 Guiding Questions 1. Compare and contrast NTFS vs. FAT, or 2. What are the advantages/disadvantages of NTFS vs FAT?

Security Fundamentals LESSON 2.2 Class Activity – User Access Controls  User Account Control (UAC) is a feature in Windows that can help prevent unauthorized changes to your computer. UAC does this by asking you for permission or an administrator‌ password before performing actions that could potentially affect your computer's operation or change settings that affect other users.  When you see a UAC message, read it carefully, and then make sure the name of the action or program that's about to start is one that you intended to start. By verifying these actions before they start, UAC can help prevent malicious software (malware) from installing itself or making changes to your computer without permission.

Security Fundamentals LESSON 2.2 Class Activity – User Access Controls UAC alerts:  Windows needs your permission to continue. A Windows function or program that can affect other users of this computer needs your permission to start. Check the name of the action to ensure that it's a function or program you want to run.  A program needs your permission to continue. A program that's not part of Windows needs your permission to start. It has a valid digital signature indicating its name and its publisher, which ensure that the program is what it claims to be. Make sure that this is a program that you intended to run.  An unidentified program wants access to your computer. An unidentified program is one that doesn't have a valid digital signature from its publisher to ensure that the program is what it claims to be. This doesn't necessarily indicate malicious software, as many older, legitimate programs lack signatures. However, you should use extra caution and only allow this program to run if you obtained it from a trusted source, such as the original CD or a publisher's website.  This program has been blocked. This is a program that your administrator has specifically blocked from running on your computer. To run this program, you must contact your administrator and ask to have the program unblocked.  Create a report about User Access Controls, identifying when the various messages are seen and why permissions are either denied or granted.

Security Fundamentals LESSON 2.2 Advanced Security Settings Properties Page – Permissions Tab  Type: Either Allow or Deny this group or user this permission for this object  Name: Resource, user, or group  Permission: Restrictions currently applied to this object for this resource, user, or group  Inherited from: Identifies the parent object  Apply to: Identifies any descendant objects to which the permissions are also applied Summarize the Advanced Security Settings Properties Page – Permissions Tab on your computer.